4

我正在使用 pecl oAuth 库,是否可以构建一个身体签名的 oauth 请求,如下所示:

POST http://www.imsglobal.org/developers/BLTI/service_handle.php HTTP/1.0
Host: 127.0.0.1:80
Content-Length: 757
Authorization: OAuth realm="",oauth_version="1.0",
oauth_nonce="29f90c047a44b2ece73d00a09364d49b",
oauth_timestamp="1313350943",oauth_consumer_key="lmsng.school.edu",
oauth_body_hash="v%2BxFnmDSHV%2Fj29qhxLwkFILrtPo%3D",
oauth_signature_method="HMAC-SHA1",
oauth_signature="8auRpRdPY2KRXUrOyz3HKCs92y8%3D"
Content-type: application/xml
<?xml version = "1.0" encoding = "UTF-8"?>
... more xml data ...

我正在尝试使用 IMS Global LTI 标准接口与 Instructure 的 Canvas LMS 进行通信。结果服务允许您使用oauth 签名的 xml 消息将分数发送回 LMS

4

2 回答 2

5

事实证明 pecl oAuth 目前不支持 oaut_body_hash。

我最终使用了来自这个谷歌代码存储库http://code.google.com/p/oauth/的 oAuth 库,并计算了我自己的身体:

$bodyHash = base64_encode(sha1($body, TRUE)); // build oauth_body_hash
$consumer = new \OAuthConsumer($key, $secret);
$request = \OAuthRequest::from_consumer_and_token($consumer, '', 'POST', $endpoint, array('oauth_body_hash' => $bodyHash) );
$request->sign_request(new \OAuthSignatureMethod_HMAC_SHA1(), $consumer, '');
$header = $request->to_header() . "\r\nContent-Type: application/xml\r\n"; // add content type header
于 2012-04-07T13:50:50.227 回答
1

标准OAuth::generateSignature函数允许额外的参数作为第三个参数。这可用于传递自定义正文哈希参数:

$oauth = new OAuth($credentials["oauthKey"], $credentials["oauthSecret"]);

$timestamp = time();
$oauth->setTimestamp($timestamp);

$nonce = mt_rand();
$oauth->setNonce($nonce);

$bodyHash = base64_encode(sha1($content, true)); // $content contains the body
$sig = $oauth->generateSignature('GET', $url, Array("oauth_body_hash" => $bodyHash));

然后我们可以使用它来构建我们的 OAuth 标头:

$header = array
(
    'Content-Type: application/xml'
);
$header[] = 'Authorization: OAuth '.
            'oauth_version="1.0",'.
            'oauth_nonce="'.$nonce.'",'.
            'oauth_timestamp="'.$timestamp.'",'.
            'oauth_body_hash="'.$bodyHash.'",'.
            'oauth_consumer_key="'.$credentials["oauthKey"].'",'.
            'oauth_signature_method="HMAC-SHA1",'.
            'oauth_signature="'.urlencode($sig).'"';
于 2020-07-15T10:11:33.330 回答